Here you go :)
OTL Logfile:
OTL logfile created on: 13/02/2013 11:21:15 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tatjana\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd/MM/yyyy
4,00 Gb Total Physical Memory | 3,11 Gb Available Physical Memory | 77,72% Memory free
8,00 Gb Paging File | 6,33 Gb Available in Paging File | 79,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 498,51 Gb Total Space | 264,14 Gb Free Space | 52,98% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 80,37 Gb Free Space | 82,30% Space Free | Partition Type: NTFS
Drive E: | 596,07 Gb Total Space | 208,89 Gb Free Space | 35,05% Space Free | Partition Type: NTFS
Computer Name: TATJANA-PC | User Name: Tatjana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/02/11 17:45:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tatjana\Desktop\OTL.exe
PRC - [2013/02/01 21:32:19 | 000,207,312 | ---- | M] () -- C:\Users\Tatjana\Documents\AutoHotkey.exe
PRC - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/29 14:50:25 | 003,463,080 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012/10/23 17:40:06 | 000,580,728 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2012/10/08 16:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Programme\Tablet\Pen\WacomHost.exe
PRC - [2012/08/08 20:15:29 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/05/09 06:22:43 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/09 06:22:43 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/17 09:15:46 | 000,382,272 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2010/11/25 21:31:10 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2010/01/27 09:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2009/07/07 13:13:38 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe
PRC - [2008/03/14 08:48:00 | 001,085,440 | ---- | M] (Hama GmbH & Co KG) -- C:\Program Files (x86)\Hama\Common\RaUI.exe
PRC - [2007/05/10 12:18:26 | 000,835,584 | ---- | M] () -- C:\Windows\vsnpstd3.exe
========== Modules (No Company Name) ==========
MOD - [2013/02/01 21:32:19 | 000,207,312 | ---- | M] () -- C:\Users\Tatjana\Documents\AutoHotkey.exe
MOD - [2010/04/29 14:03:00 | 000,128,512 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2008/03/11 10:55:54 | 000,069,120 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL
MOD - [2007/05/10 12:18:26 | 000,835,584 | ---- | M] () -- C:\Windows\vsnpstd3.exe
========== Services (SafeList) ==========
SRV:64bit: - [2012/12/19 20:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013/02/10 10:30:12 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/17 16:27:02 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2013/01/17 16:22:39 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2013/01/16 21:09:27 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/11 13:07:04 | 000,619,904 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programme\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV - [2012/11/29 14:50:25 | 003,463,080 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/25 19:16:06 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/10/23 17:40:06 | 000,580,728 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2012/05/09 06:22:43 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/09 06:22:43 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/07/22 21:16:24 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/03/28 20:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/27 09:14:10 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009/07/23 16:25:28 | 000,206,880 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/12/19 21:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/12/19 20:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/12/03 16:36:34 | 000,081,824 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2012/12/03 16:36:34 | 000,013,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2012/11/15 09:41:06 | 000,015,776 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2012/11/06 12:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/10/23 17:40:32 | 000,077,144 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PCTBD64.sys -- (PCTBD)
DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/05/09 06:22:43 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/05/09 06:22:43 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/15 23:55:03 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/09/09 11:10:19 | 000,046,112 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2011/07/27 11:23:13 | 000,272,448 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/07/08 00:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/05 12:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2009/11/05 13:04:42 | 000,513,600 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AF15BDA.sys -- (AF9035BDA)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/03 08:40:18 | 010,916,352 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snpstd3.sys -- (SNPSTD3)
DRV:64bit: - [2009/07/01 11:20:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009/06/10 21:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/08/14 07:48:34 | 000,024,064 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\skfiltv.sys -- (skfiltv)
DRV:64bit: - [2008/03/13 08:46:00 | 000,027,136 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ManyCam_x64.sys -- (ManyCam)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/03 08:15:12 | 010,526,464 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\snpstd3.sys -- (SNPSTD3)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 49 11 B7 48 B8 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = hxxp://www.google.com
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B888d99e7-e8b5-46a3-851e-1ec45da1e644%7D:17.0.0
FF - prefs.js..extensions.enabledAddons: client%40anonymox.net:1.0.1
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tatjana\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tatjana\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/12/17 11:13:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fbphotozoom@installdaddy.com: C:\Program Files (x86)\fbphotozoom\fbphotozoom15.xpi
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/12/30 22:03:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\ [2013/02/10 14:22:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/22 16:34:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/19 12:37:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/12/30 22:03:44 | 000,000,000 | ---D | M]
[2013/01/22 16:34:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tatjana\AppData\Roaming\mozilla\Extensions
[2013/02/10 15:10:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tatjana\AppData\Roaming\mozilla\Firefox\Profiles\zd8amunq.default\extensions
[2013/01/22 16:35:19 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Tatjana\AppData\Roaming\mozilla\Firefox\Profiles\zd8amunq.default\extensions\ich@maltegoetz.de
[2013/01/22 16:38:20 | 000,363,736 | ---- | M] () (No name found) -- C:\Users\Tatjana\AppData\Roaming\mozilla\firefox\profiles\zd8amunq.default\extensions\client@anonymox.net.xpi
[2013/01/22 16:35:55 | 000,030,502 | ---- | M] () (No name found) -- C:\Users\Tatjana\AppData\Roaming\mozilla\firefox\profiles\zd8amunq.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
[2013/01/31 23:03:22 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\Tatjana\AppData\Roaming\mozilla\firefox\profiles\zd8amunq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/02/12 20:47:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013/01/16 21:10:14 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/24 09:40:02 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2013/01/17 01:11:04 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013/01/17 01:11:04 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/01/17 01:11:04 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013/01/17 01:11:04 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/11/12 20:12:47 | 000,003,269 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
[2013/01/17 01:11:04 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013/01/17 01:11:04 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage: hxxp://www.google.de/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.de/
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Tatjana\AppData\Local\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Tatjana\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Tatjana\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Wajam (Enabled) = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
CHR - plugin: Free Studio (Enabled) = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\np_dvs_plugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Tatjana\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.0_0\
CHR - Extension: Movie2kDownloader = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf\1.0_0\
CHR - Extension: YouTube = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: AdBlock = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.58_0\
CHR - Extension: Dolce&Gabbana = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpfbmpaebheclpaopjodkelcihldloih\2_0\
CHR - Extension: Reload All Tabs = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpkdnfkjhdkcpimadpdcgapffceacjem\1.2.12_0\
CHR - Extension: Ghostery = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.0_0\
CHR - Extension: ChromeReload = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo\0.5_0\
CHR - Extension: Mehr Leistung und Videoformate fr dein HTML5 video = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Mein Chrome-Design = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.0_0\
CHR - Extension: Hotmail = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge\1.0.1_0\
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.0_0\
CHR - Extension: Movie2kDownloader = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf\1.0_0\
CHR - Extension: YouTube = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: AdBlock = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.58_0\
CHR - Extension: Dolce&Gabbana = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpfbmpaebheclpaopjodkelcihldloih\2_0\
CHR - Extension: Reload All Tabs = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpkdnfkjhdkcpimadpdcgapffceacjem\1.2.12_0\
CHR - Extension: Ghostery = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.0_0\
CHR - Extension: ChromeReload = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\njoipeaphfnaplplihpbgndfojhdhmjo\0.5_0\
CHR - Extension: Mehr Leistung und Videoformate fr dein HTML5 video = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Mein Chrome-Design = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.0_0\
CHR - Extension: Hotmail = C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge\1.0.1_0\
O1 HOSTS File: ([2013/02/12 21:45:17 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL (TerraTec Electronic GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [NVRaidService] C:\Programme\NVIDIA Corporation\Raid\nvraidservice.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Tatjana\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Tatjana\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Tatjana\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Tatjana\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2D20ED98-90CF-4915-B0D3-17DC25CEA942}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{479BB3D7-F75B-4CC9-AA67-536348037EA2}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/02/12 22:06:02 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/02/12 21:31:07 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/02/12 21:31:07 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/02/12 21:31:07 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/02/12 21:19:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/02/12 21:19:31 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/02/12 20:55:24 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/02/12 20:54:23 | 000,000,000 | ---D | C] -- C:\JRT
[2013/02/12 20:45:20 | 005,033,736 | R--- | C] (Swearware) -- C:\Users\Tatjana\Desktop\ComboFix.exe
[2013/02/12 20:44:53 | 000,547,275 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Tatjana\Desktop\JRT (1).exe
[2013/02/12 15:45:56 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{887D04AD-FDCB-42A3-8F25-FAB57474672A}
[2013/02/11 18:27:04 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{3B2887CA-C1F1-4EF7-8D7E-B79439CA9732}
[2013/02/11 17:46:00 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\Documents\Anti-Malware
[2013/02/11 17:45:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tatjana\Desktop\OTL.exe
[2013/02/10 14:22:33 | 002,280,568 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2013/02/10 14:22:33 | 001,690,744 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2013/02/10 14:22:33 | 000,150,648 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2013/02/10 14:22:33 | 000,077,144 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTBD64.sys
[2013/02/10 14:21:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools
[2013/02/10 14:19:34 | 000,253,256 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
[2013/02/10 14:19:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2013/02/10 14:19:21 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/02/10 14:19:20 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2013/02/10 14:19:19 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Roaming\TestApp
[2013/02/10 13:39:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013/02/09 19:51:26 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{665ACAA2-F464-4DF5-A129-F12DB743F768}
[2013/02/09 18:34:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movie2KDownloader.com
[2013/02/09 18:34:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\hdvidcodec.com
[2013/02/08 16:22:23 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{129D47BE-11D8-4CFE-AE02-F740190616D8}
[2013/02/07 12:50:30 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{462EFACF-C36B-499B-B5FA-F526F16F38C2}
[2013/02/06 20:20:29 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{81BD0C6D-F98B-4EF7-B655-E9AEF912E9C2}
[2013/02/05 15:40:12 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{805CB274-993E-44CF-9510-DDAAE9F93BD5}
[2013/02/04 11:28:53 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{FB5D5A20-F45D-4C50-BE2C-7F1843798797}
[2013/02/03 11:51:43 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{EEC51B52-102E-4BAD-B74B-85DF8E0A69A3}
[2013/02/02 11:09:23 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{30141CBD-39D3-4A85-8854-C99D28D5A29C}
[2013/02/01 13:52:16 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{70F2EFE2-C747-49FC-9499-1459B7E3E869}
[2013/01/31 20:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
[2013/01/31 20:40:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoHotkey
[2013/01/31 13:56:38 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{CBC9F4F8-DE0F-44B5-85C7-4821A5FCC66D}
[2013/01/30 22:49:44 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
[2013/01/30 20:35:12 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{7CD2522C-448F-4D5F-9DA5-F79D0E437F7F}
[2013/01/29 19:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/01/29 19:49:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013/01/29 19:49:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013/01/29 19:49:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013/01/28 12:28:14 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{A429DD18-B3FF-4A9C-8E01-AA3ED8A7E3BC}
[2013/01/27 14:38:09 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{454602DE-6F5F-4032-B58A-EF95B48A0AE3}
[2013/01/27 00:37:02 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{9A024762-7875-418C-A988-842DD0482301}
[2013/01/26 23:38:51 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\Documents\Brushes
[2013/01/26 10:44:00 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{A3361488-A136-4E93-B6E5-67DC9828A246}
[2013/01/25 20:28:22 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{EDAEFCFA-6C01-456E-B4DE-A1AFF61C349E}
[2013/01/25 00:08:39 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{D3B67A8E-24B9-421A-A1F0-6CB7BF81D7E0}
[2013/01/25 00:03:49 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{A59AF426-836A-4088-AD7A-6BF1FBC87EA8}
[2013/01/23 12:40:06 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{B7FEC995-E0CE-4264-8F00-C11C9612EA66}
[2013/01/22 16:34:34 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Roaming\Mozilla
[2013/01/22 16:34:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/01/22 13:28:32 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{8B4D534B-F4B8-4655-A22C-767962EDB974}
[2013/01/20 12:03:05 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{5DEE75CC-3B44-4479-B665-098E71108523}
[2013/01/19 12:37:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/01/17 17:14:26 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{3CAA1C1F-CE95-4F03-9339-EB5E1BDFEB87}
[2013/01/17 16:37:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2013/01/17 16:24:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative
[2013/01/17 16:24:15 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Creative Installation Information
[2013/01/17 16:23:55 | 000,466,520 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2013/01/17 16:23:55 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2013/01/17 16:23:54 | 002,902,492 | ---- | C] (Creative) -- C:\Windows\SysWow64\Sens_oal.dll
[2013/01/17 16:23:54 | 001,939,968 | ---- | C] (Creative) -- C:\Windows\SysNative\Sens_oal.dll
[2013/01/17 16:22:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2013/01/17 16:22:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative Labs Shared
[2013/01/17 16:22:25 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2013/01/17 16:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2013/01/15 13:25:19 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{F500807A-2616-4B47-A5F7-22D50A8D6714}
[2013/01/14 20:06:44 | 000,000,000 | ---D | C] -- C:\PhSp_CS2_UE_Ret
[2013/01/14 18:32:54 | 000,000,000 | ---D | C] -- C:\Users\Tatjana\AppData\Local\{3F06FA4E-A298-4A71-8747-D08257C0943A}
========== Files - Modified Within 30 Days ==========
[2013/02/13 11:19:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/13 10:54:01 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1567210954-914384379-861079116-1001UA.job
[2013/02/13 10:43:22 | 000,165,376 | ---- | M] () -- C:\Users\Tatjana\Desktop\SystemLook_x64.exe
[2013/02/13 10:40:18 | 000,014,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/13 10:40:18 | 000,014,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/13 10:38:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/13 10:33:03 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/13 10:32:51 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013/02/13 10:32:43 | 3220,619,264 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/12 21:45:17 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/02/12 21:30:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/12 20:45:30 | 005,033,736 | R--- | M] (Swearware) -- C:\Users\Tatjana\Desktop\ComboFix.exe
[2013/02/12 20:45:05 | 000,547,275 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Tatjana\Desktop\JRT (1).exe
[2013/02/12 17:41:35 | 000,041,117 | ---- | M] () -- C:\Users\Tatjana\Desktop\gmer.rar
[2013/02/12 17:21:17 | 1514,876,836 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/02/12 16:22:44 | 000,000,000 | ---- | M] () -- C:\Users\Tatjana\defogger_reenable
[2013/02/12 16:22:09 | 000,365,568 | ---- | M] () -- C:\Users\Tatjana\Desktop\uocvk13r.exe
[2013/02/12 15:48:53 | 000,050,477 | ---- | M] () -- C:\Users\Tatjana\Desktop\Defogger (1).exe
[2013/02/11 19:07:17 | 000,019,675 | ---- | M] () -- C:\Users\Tatjana\Documents\hilferuf zu trojaner.odt
[2013/02/11 18:16:42 | 000,587,659 | ---- | M] () -- C:\Users\Tatjana\Desktop\adwcleaner.exe
[2013/02/11 17:45:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tatjana\Desktop\OTL.exe
[2013/02/10 14:19:55 | 002,379,105 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2013/02/10 14:17:13 | 000,001,156 | ---- | M] () -- C:\Users\Tatjana\Documents\cc_20130210_141710.reg
[2013/02/10 12:54:02 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1567210954-914384379-861079116-1001Core.job
[2013/02/09 18:41:07 | 001,541,226 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/02/09 18:41:07 | 000,669,456 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013/02/09 18:41:07 | 000,628,942 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/02/09 18:41:07 | 000,137,322 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013/02/09 18:41:07 | 000,112,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/02/09 18:39:25 | 000,002,378 | ---- | M] () -- C:\Users\Tatjana\Documents\cc_20130209_183920.reg
[2013/02/09 17:52:22 | 000,001,305 | ---- | M] () -- C:\Users\Tatjana\Desktop\Alchemy.lnk
[2013/02/01 21:32:19 | 000,207,312 | ---- | M] () -- C:\Users\Tatjana\Documents\AutoHotkey.exe
[2013/02/01 21:32:07 | 000,001,167 | ---- | M] () -- C:\Users\Tatjana\Documents\AutoHotkey.ahk
[2013/02/01 18:55:07 | 000,125,983 | ---- | M] () -- C:\Users\Tatjana\Documents\koma-comic-strip-dogwarts-school-of-obedience-and-wizardry.jpg
[2013/02/01 10:59:46 | 000,002,407 | ---- | M] () -- C:\Users\Tatjana\Desktop\Google Chrome.lnk
[2013/01/30 21:08:06 | 002,844,402 | ---- | M] () -- C:\Users\Tatjana\practise.jpg
[2013/01/30 21:07:54 | 001,929,689 | ---- | M] () -- C:\Users\Tatjana\practise (2).jpg
[2013/01/17 16:24:10 | 000,000,314 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2013/01/17 16:23:55 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2013/01/17 16:23:55 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2013/01/14 20:58:47 | 005,526,708 | ---- | M] () -- C:\Users\Tatjana\IMG_0915.JPG
[2013/01/14 20:45:27 | 005,468,764 | ---- | M] () -- C:\Users\Tatjana\IMG_0911.JPG
[2013/01/14 20:22:57 | 003,609,825 | ---- | M] () -- C:\Users\Tatjana\IMG_0914.JPG
[2013/01/14 20:22:54 | 003,276,589 | ---- | M] () -- C:\Users\Tatjana\IMG_0913.JPG
========== Files Created - No Company Name ==========
[2013/02/13 10:43:21 | 000,165,376 | ---- | C] () -- C:\Users\Tatjana\Desktop\SystemLook_x64.exe
[2013/02/12 21:31:07 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/02/12 21:31:07 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/02/12 21:31:07 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/02/12 21:31:07 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/02/12 21:31:07 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/02/12 17:41:35 | 000,041,117 | ---- | C] () -- C:\Users\Tatjana\Desktop\gmer.rar
[2013/02/12 17:21:17 | 1514,876,836 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/02/12 16:22:44 | 000,000,000 | ---- | C] () -- C:\Users\Tatjana\defogger_reenable
[2013/02/12 16:22:07 | 000,365,568 | ---- | C] () -- C:\Users\Tatjana\Desktop\uocvk13r.exe
[2013/02/12 15:48:51 | 000,050,477 | ---- | C] () -- C:\Users\Tatjana\Desktop\Defogger (1).exe
[2013/02/11 18:44:35 | 000,019,675 | ---- | C] () -- C:\Users\Tatjana\Documents\hilferuf zu trojaner.odt
[2013/02/11 18:16:31 | 000,587,659 | ---- | C] () -- C:\Users\Tatjana\Desktop\adwcleaner.exe
[2013/02/10 14:22:33 | 000,769,144 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2013/02/10 14:22:33 | 000,003,488 | ---- | C] () -- C:\Windows\UDB.zip
[2013/02/10 14:22:33 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2013/02/10 14:22:33 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2013/02/10 14:22:33 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2013/02/10 14:19:40 | 002,379,105 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2013/02/10 14:17:11 | 000,001,156 | ---- | C] () -- C:\Users\Tatjana\Documents\cc_20130210_141710.reg
[2013/02/09 18:39:23 | 000,002,378 | ---- | C] () -- C:\Users\Tatjana\Documents\cc_20130209_183920.reg
[2013/02/09 17:52:22 | 000,001,305 | ---- | C] () -- C:\Users\Tatjana\Desktop\Alchemy.lnk
[2013/02/01 18:55:03 | 000,125,983 | ---- | C] () -- C:\Users\Tatjana\Documents\koma-comic-strip-dogwarts-school-of-obedience-and-wizardry.jpg
[2013/02/01 16:33:22 | 000,207,312 | ---- | C] () -- C:\Users\Tatjana\Documents\AutoHotkey.exe
[2013/02/01 10:59:46 | 000,002,407 | ---- | C] () -- C:\Users\Tatjana\Desktop\Google Chrome.lnk
[2013/01/31 21:03:22 | 000,001,167 | ---- | C] () -- C:\Users\Tatjana\Documents\AutoHotkey.ahk
[2013/01/30 21:07:03 | 002,844,402 | ---- | C] () -- C:\Users\Tatjana\practise.jpg
[2013/01/30 21:07:03 | 001,929,689 | ---- | C] () -- C:\Users\Tatjana\practise (2).jpg
[2013/01/22 16:34:25 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/17 16:28:07 | 000,007,062 | ---- | C] () -- C:\Windows\SysWow64\audiopid.vxd
[2013/01/17 16:24:10 | 000,025,262 | R--- | C] () -- C:\Windows\SysNative\xfisk.ini
[2013/01/17 16:24:10 | 000,000,052 | R--- | C] () -- C:\Windows\SysNative\ctzapxx.ini
[2013/01/17 16:24:02 | 000,000,381 | R--- | C] () -- C:\Windows\skMCcfg.ini
[2013/01/17 16:24:00 | 000,163,840 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2013/01/17 16:24:00 | 000,128,512 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2013/01/17 16:24:00 | 000,083,456 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2013/01/17 16:24:00 | 000,069,120 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2013/01/17 16:24:00 | 000,000,314 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2013/01/14 20:14:54 | 005,526,708 | ---- | C] () -- C:\Users\Tatjana\IMG_0915.JPG
[2013/01/14 20:14:54 | 005,468,764 | ---- | C] () -- C:\Users\Tatjana\IMG_0911.JPG
[2013/01/14 20:14:54 | 003,609,825 | ---- | C] () -- C:\Users\Tatjana\IMG_0914.JPG
[2013/01/14 20:14:54 | 003,276,589 | ---- | C] () -- C:\Users\Tatjana\IMG_0913.JPG
[2012/12/30 21:55:28 | 000,245,227 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012/12/30 21:55:28 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012/10/01 20:34:27 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/09/06 12:57:26 | 004,399,616 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2012/07/28 02:39:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/07/28 02:39:50 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/07/03 02:28:06 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/06/20 21:01:31 | 000,000,853 | ---- | C] () -- C:\Users\Tatjana\AppData\Local\RT73_{2D20ED98-90CF-4915-B0D3-17DC25CEA942}_sta
[2012/06/20 21:01:11 | 000,000,849 | ---- | C] () -- C:\Users\Tatjana\AppData\Local\RT73_{2D20ED98-90CF-4915-B0D3-17DC25CEA942}_prof
[2012/05/22 00:28:58 | 000,155,648 | ---- | C] () -- C:\Windows\SysWow64\mlc.dll
[2012/05/02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/03/19 20:02:43 | 000,000,016 | ---- | C] () -- C:\Users\Tatjana\AppData\Roaming\blckdom.res
[2012/01/12 21:04:06 | 004,075,565 | ---- | C] () -- C:\Users\Tatjana\Portable SAI.rar
[2011/12/22 19:02:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/12/08 05:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011/10/14 23:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/09/12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/07/28 11:21:17 | 001,566,910 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/07/23 10:43:45 | 000,835,584 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2011/07/23 10:43:45 | 000,339,968 | ---- | C] () -- C:\Windows\tsnpstd3.exe
[2011/07/23 10:43:45 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2011/07/23 10:43:44 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnpstd3.dll
[2011/07/23 10:43:44 | 000,061,440 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnpstd3.dll
[2011/07/23 10:43:44 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnpstd3.dll
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
========== ZeroAccess Check ==========
[2011/11/17 07:41:18 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{a3552933-a81c-d1ea-283c-bb3aa0cd804c}\L
[2012/08/11 12:57:44 | 000,002,048 | -HS- | M] () -- C:\Users\Tatjana\AppData\Local\{a3552933-a81c-d1ea-283c-bb3aa0cd804c}\@
[2011/11/17 07:41:18 | 000,000,000 | -HSD | M] -- C:\Users\Tatjana\AppData\Local\{a3552933-a81c-d1ea-283c-bb3aa0cd804c}\L
[2011/11/17 07:41:18 | 000,000,000 | -HSD | M] -- C:\Users\Tatjana\AppData\Local\{a3552933-a81c-d1ea-283c-bb3aa0cd804c}\U
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012/03/23 23:00:14 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\08017
[2012/03/23 23:00:14 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\08018
[2012/03/23 23:00:14 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\08019
[2012/08/16 11:42:19 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\Audacity
[2012/07/17 10:43:00 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\Azureus
[2012/12/30 16:21:43 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\BitTorrent
[2012/10/27 20:20:27 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/12/30 10:34:40 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\DAEMON Tools Pro
[2012/12/20 17:07:52 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\DVDVideoSoft
[2012/06/24 18:04:21 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\FreeHideIP
[2012/03/24 15:48:36 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\HandBrake
[2012/03/19 20:02:21 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\kock
[2012/04/30 18:53:20 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\Leawo
[2012/02/19 11:15:06 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\ManyCam
[2011/10/10 17:46:04 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\Music Editor Free
[2011/07/22 21:14:21 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\OpenOffice.org
[2012/07/21 12:53:05 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\Opera
[2012/10/27 20:51:09 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\PDAppFlex
[2012/11/03 13:13:14 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\Shark007
[2011/07/29 09:03:08 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\SYSTEMAX Software Development
[2012/12/03 15:20:59 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\TeamViewer
[2012/06/13 17:14:26 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\TerraTec
[2013/02/10 14:19:19 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\TestApp
[2012/04/30 18:54:06 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\tiger-k
[2011/12/11 12:35:25 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\TuneUp Software
[2012/03/21 13:09:15 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\UAs
[2011/07/29 17:21:24 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\Ubisoft
[2012/12/30 16:21:28 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\uTorrent
[2012/11/03 13:09:00 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\Win7codecs
[2011/09/14 20:33:01 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\Windows Live Writer
[2011/07/23 19:26:05 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\WTouch
[2012/03/21 13:09:19 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\xmldm
[2012/11/30 17:09:42 | 000,000,000 | ---D | M] -- C:\Users\Tatjana\AppData\Roaming\XnView
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
< End of report >
Systemlook Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 11:32 on 13/02/2013 by Tatjana
Administrator - Elevation successful
========== filefind ==========
Searching for "*SearchTheWeb*"
No files found.
Searching for "*delta*"
C:\Program Files (x86)\Common Files\Adobe\Help\de_DE\Photoshop\10.0\images\P_Delta_Sm_N.png --a---- 462 bytes [15:38 09/04/2007] [15:38 09/04/2007] 0ED5EEF9C7473AE5CC24F9275CF9EA80
C:\Users\Tatjana\AppData\Local\Adobe\Flash CS6\de_DE\Configuration\Classes\mx\data\components\datasetclasses\Delta.as --a---- 3012 bytes [19:51 27/10/2012] [14:20 30/03/2012] BB5D9762741444706C4DBEA8E3B2A7CA
C:\Users\Tatjana\AppData\Local\Adobe\Flash CS6\de_DE\Configuration\Classes\mx\data\components\datasetclasses\DeltaImpl.as --a---- 5595 bytes [19:51 27/10/2012] [14:20 30/03/2012] 82DFCBDD8952934D2730D58B37DDEABA
C:\Users\Tatjana\AppData\Local\Adobe\Flash CS6\de_DE\Configuration\Classes\mx\data\components\datasetclasses\DeltaItem.as --a---- 4765 bytes [19:51 27/10/2012] [14:20 30/03/2012] CF593B4E6A785304836F751F96434626
C:\Users\Tatjana\AppData\Local\Adobe\Flash CS6\de_DE\Configuration\Classes\mx\data\components\datasetclasses\DeltaPacket.as --a---- 2872 bytes [19:51 27/10/2012] [14:20 30/03/2012] 88EDA7DD7EE687F0AF55336B0E630111
C:\Users\Tatjana\AppData\Local\Adobe\Flash CS6\de_DE\Configuration\Classes\mx\data\components\datasetclasses\DeltaPacketConsts.as --a---- 760 bytes [19:51 27/10/2012] [14:20 30/03/2012] E1EC7E36DBD146CAEC46CFA8522B795A
C:\Users\Tatjana\AppData\Local\Adobe\Flash CS6\de_DE\Configuration\Classes\mx\data\components\datasetclasses\DeltaPacketImpl.as --a---- 5785 bytes [19:51 27/10/2012] [14:20 30/03/2012] E50B6442840F0303AD1473B3295264D9
C:\Users\Tatjana\AppData\Local\Adobe\Flash CS6\de_DE\Configuration\Classes\mx\data\components\datasetclasses\DeltaTreeDataProvider.as --a---- 2362 bytes [19:51 27/10/2012] [14:20 30/03/2012] D6016221A375DE30494D912987A96516
C:\Users\Tatjana\AppData\Local\Adobe\Flash CS6\de_DE\Configuration\Classes\mx\data\encoders\DatasetDeltaToXUpdateDelta.as --a---- 14630 bytes [19:51 27/10/2012] [14:20 30/03/2012] 5E64B7600A42B8662B3E48197C2DD9B3
C:\Users\Tatjana\AppData\Local\Adobe\Flash CS6\de_DE\Configuration\DataTypes\DeltaPacket.xml --a---- 739 bytes [19:51 27/10/2012] [14:20 30/03/2012] 25D8DA999BD85478674890EDD5BAE28C
C:\Users\Tatjana\AppData\Local\Adobe\Flash CS6\de_DE\Configuration\Encoders\DatasetDeltaToXUpdateDelta.xml --a---- 604 bytes [19:51 27/10/2012] [14:59 30/03/2012] 1A06EEFCF9B5D4B779018734E4972081
C:\Windows\System32\msdelta.dll --a---- 451584 bytes [23:22 13/07/2009] [01:41 14/07/2009] D9A5B279A8D2F8775FA254927F33DA6D
C:\Windows\SysWOW64\msdelta.dll --a---- 305152 bytes [23:12 13/07/2009] [01:15 14/07/2009] 739E51268B4BB79AB4F9E55F0018D0BC
C:\Windows\winsxs\amd64_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.1.7600.16385_none_9c2159bf9f702069\msdelta.dll --a---- 451584 bytes [23:22 13/07/2009] [01:41 14/07/2009] D9A5B279A8D2F8775FA254927F33DA6D
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7600.16385_none_655452efe0fb810b\msdelta.dll --a---- 451584 bytes [02:55 14/07/2009] [02:55 14/07/2009] D9A5B279A8D2F8775FA254927F33DA6D
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17514_none_678566b7ddea04a5\msdelta.dll --a---- 451584 bytes [02:55 14/07/2009] [02:55 14/07/2009] D9A5B279A8D2F8775FA254927F33DA6D
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\msdelta.dll --a---- 451584 bytes [02:55 14/07/2009] [02:55 14/07/2009] D9A5B279A8D2F8775FA254927F33DA6D
C:\Windows\winsxs\FileMaps\$$_media_delta_0f36d7d9b4f7293c.cdf-ms --a---- 2436 bytes [02:59 14/07/2009] [05:32 14/07/2009] 0ED4291DC068EB860AC15A6E5360224C
C:\Windows\winsxs\Manifests\amd64_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.1.7600.16385_none_9c2159bf9f702069.manifest --a---- 2888 bytes [02:33 14/07/2009] [02:21 14/07/2009] 6B7D6AD4FA771B7D532B7AD67D396853
C:\Windows\winsxs\Manifests\amd64_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.1.7600.16385_none_c5d387d64eb8e1f2.manifest --a---- 2461 bytes [02:33 14/07/2009] [02:26 14/07/2009] B84326CF1509A48DF01F10CC45B97A3F
C:\Windows\winsxs\Manifests\amd64_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.1.7601.17514_none_c8049b9e4ba7658c.manifest ------- 2461 bytes [13:40 23/07/2011] [04:21 20/11/2010] 8A388670A7B189FE5CE192B81E6F7401
C:\Windows\winsxs\Manifests\amd64_microsoft-windows-s..l-soundthemes-delta_31bf3856ad364e35_6.1.7600.16385_none_fbf7e0678b64a4b8.manifest --a---- 27794 bytes [02:17 14/07/2009] [02:18 14/07/2009] 2D159244CBBD3875345AFDD9C34B444B
C:\Windows\winsxs\Manifests\x86_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.1.7600.16385_none_4002be3be712af33.manifest --a---- 2886 bytes [02:33 14/07/2009] [01:54 14/07/2009] 110D843CC1C2B3A02A46D4AD962C04B6
C:\Windows\winsxs\Manifests\x86_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.1.7600.16385_none_69b4ec52965b70bc.manifest --a---- 2459 bytes [02:33 14/07/2009] [01:57 14/07/2009] 6A0B78A725C86457BCED783D682C9BB5
C:\Windows\winsxs\Manifests\x86_microsoft-windows-deltapackageexpander_31bf3856ad364e35_6.1.7601.17514_none_6be6001a9349f456.manifest ------- 2459 bytes [13:40 23/07/2011] [03:10 20/11/2010] 771093D6028BE8C764993524B6392E70
C:\Windows\winsxs\x86_microsoft-windows-deltacompressionengine_31bf3856ad364e35_6.1.7600.16385_none_4002be3be712af33\msdelta.dll --a---- 305152 bytes [23:12 13/07/2009] [01:15 14/07/2009] 739E51268B4BB79AB4F9E55F0018D0BC
C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7600.16385_none_0935b76c289e0fd5\msdelta.dll --a---- 305152 bytes [02:43 14/07/2009] [02:43 14/07/2009] 739E51268B4BB79AB4F9E55F0018D0BC
C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17514_none_0b66cb34258c936f\msdelta.dll --a---- 305152 bytes [02:43 14/07/2009] [02:43 14/07/2009] 739E51268B4BB79AB4F9E55F0018D0BC
C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\msdelta.dll --a---- 305152 bytes [02:43 14/07/2009] [02:43 14/07/2009] 739E51268B4BB79AB4F9E55F0018D0BC
Searching for "*AutocompletePro*"
C:\Program Files (x86)\Music Editor Free\AutocompleteProSetup.exe --a---- 371072 bytes [16:43 10/10/2011] [19:05 17/02/2010] 4780504BF5B43F9B91EE129A8677FAA4
Searching for "*Conduit*"
C:\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe --a---- 73080 bytes [21:47 07/12/2012] [16:26 20/08/2012] 9A5E999C90861CE9B7906DBF429D4238
Searching for "*Iminent*"
No files found.
Searching for "*Protected Search*"
No files found.
Searching for "*DownTango*"
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Win32.DownTango-0000.zip --a---- 13623 bytes [13:15 10/02/2013] [13:15 10/02/2013] 1EBAE72B35F02EE54E2FF671E94DD44C
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Win32.DownTango-0001.zip --a---- 13753 bytes [13:15 10/02/2013] [13:15 10/02/2013] 4656DF634E072DD9830AAF0DA6A9ED78
C:\Users\All Users\Spybot - Search & Destroy\Quarantine\Win32.DownTango-0000.zip --a---- 13623 bytes [13:15 10/02/2013] [13:15 10/02/2013] 1EBAE72B35F02EE54E2FF671E94DD44C
C:\Users\All Users\Spybot - Search & Destroy\Quarantine\Win32.DownTango-0001.zip --a---- 13753 bytes [13:15 10/02/2013] [13:15 10/02/2013] 4656DF634E072DD9830AAF0DA6A9ED78
Searching for "*Wajam*"
No files found.
Searching for "*PriceGong*"
No files found.
Searching for "*Softonic*"
C:\Users\Tatjana\Downloads\Spiele\Nintendo64\SoftonicDownloader_fuer_project64.exe --a---- 352960 bytes [17:27 07/08/2012] [11:48 06/08/2012] BF58699CDDBA1018AA395470F5F3EBA2
C:\Users\Tatjana\Downloads\Spiele\Nintendo64\Ns64\SoftonicDownloader_fuer_project64.exe --a---- 352960 bytes [11:31 06/08/2012] [11:31 06/08/2012] BF58699CDDBA1018AA395470F5F3EBA2
Searching for "*DataMngr*"
No files found.
========== folderfind ==========
Searching for "*AutocompletePro*"
No folders found.
Searching for "*Conduit*"
No folders found.
Searching for "*Iminent*"
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_IMinentToolbarIn_f21e51788b35e60c9276155a99961153d6808_057c04b1 d----c- [20:29 18/03/2012]
C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_IMinentToolbarIn_f21e51788b35e60c9276155a99961153d6808_057c04b1 d----c- [20:29 18/03/2012]
Searching for "*Protected Search*"
No folders found.
Searching for "*DownTango*"
C:\Program Files (x86)\Red Sky\DownTango d------ [19:10 12/11/2012]
C:\Users\Tatjana\AppData\LocalLow\DownTangoFTToolbar d------ [19:10 12/11/2012]
Searching for "*Wajam*"
No folders found.
Searching for "*PriceGong*"
No folders found.
Searching for "*Softonic*"
No folders found.
Searching for "*DataMngr*"
No folders found.
========== regfind ==========
Searching for "AutocompletePro"
No data found.
Searching for "Conduit"
No data found.
Searching for "Iminent"
No data found.
Searching for "Protected Search"
No data found.
Searching for "DownTango"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c9ba8b08_0]
@="{0.0.0.00000000}.{098e2a82-3b34-4548-9097-2359082c0d17}|\Device\HarddiskVolume4\Program Files (x86)\Red Sky\DownTango\DownTango.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files (x86)\Red Sky\DownTango]
[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.8.false\C:\Program Files (x86)\Red Sky\DownTango]
[HKEY_USERS\S-1-5-21-1567210954-914384379-861079116-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\c9ba8b08_0]
@="{0.0.0.00000000}.{098e2a82-3b34-4548-9097-2359082c0d17}|\Device\HarddiskVolume4\Program Files (x86)\Red Sky\DownTango\DownTango.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1567210954-914384379-861079116-1001\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files (x86)\Red Sky\DownTango]
[HKEY_USERS\S-1-5-21-1567210954-914384379-861079116-1001\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.8.false\C:\Program Files (x86)\Red Sky\DownTango]
Searching for "Wajam"
No data found.
Searching for "PriceGong"
No data found.
Searching for "Softonic"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\bec5d21c_0]
@="{0.0.0.00000000}.{e688534a-2edd-4a40-8a78-336964ca0bad}|\Device\HarddiskVolume4\Users\Tatjana\Downloads\SoftonicDownloader_fuer_k-lite-codec-pack.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_audacity_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_audacity_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_desmume_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_desmume_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_free-video-to-mp3-converter_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_free-video-to-mp3-converter_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_k-lite-codec-pack_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_k-lite-codec-pack_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_mp3directcut (1)_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_mp3directcut (1)_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_mp3directcut (2)_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_mp3directcut (2)_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_mp3directcut_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_mp3directcut_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_music-editor-free_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_music-editor-free_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_project64_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_project64_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_tunebite_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_tunebite_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_virtualdub_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_virtualdub_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_visualboyadvance_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_visualboyadvance_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\softonic_ggl_1_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\softonic_ggl_1_RASMANCS]
[HKEY_USERS\S-1-5-21-1567210954-914384379-861079116-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\bec5d21c_0]
@="{0.0.0.00000000}.{e688534a-2edd-4a40-8a78-336964ca0bad}|\Device\HarddiskVolume4\Users\Tatjana\Downloads\SoftonicDownloader_fuer_k-lite-codec-pack.exe%b{00000000-0000-0000-0000-000000000000}"
Searching for "DataMngr"
No data found.
-= EOF =-